The remote Windows host contains a version of Adobe AIR Player that is earlier than 1.5.2. Such versions are reportedly affected by multiple vulnerabilities :
A memory corruption vulnerability that could potentially lead to code execution. (CVE-2009-1862)
A privilege escalation vulnerability that could potentially lead to code execution. (CVE-2009-1863)
A heap overflow vulnerability that could potentially lead to code execution. (CVE-2009-1864)
A null pointer vulnerability that could potentially lead to code execution. (CVE-2009-1865)
A stack overflow vulnerability that could potentially lead to code execution. (CVE-2009-1866)
A clickjacking vulnerability that could allow an attacker to lure a web browser user into unknowingly clicking on a link or dialog. (CVE-2009-1867)
A URL parsing heap overflow vulnerability that could potentially lead to code execution. (CVE-2009-1868)
An integer overflow vulnerability that could potentially lead to code execution. (CVE-2009-1869)
A local sandbox vulnerability that could potentially lead to information disclosure when SWFs are saved to the hard drive. CVE-2009-1870)
Binary data 5109.prm
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1862
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1863
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1864
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1865
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1866
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1867
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1868
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1869
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1870
www.adobe.com/support/security/bulletins/apsb09-10.html